class ManageUserController < ManageController
  layout "background"

  def post_info_list
    @post_infos=PostInfo.find(:all,:conditions=>["user_id=?",session[:user_id]])
  end
  
  def post_info_edit
    @post_info=PostInfo.find_by_id(params[:id])
  end
  
  def post_info_update
    @post_info=PostInfo.find_by_id(params[:id])
    if @post_info.update_attributes(params[:post_info])
      flash[:notice]="修改成功！"
    else
      flash[:notice]="修改失败！"
    end
    redirect_to(:action=>"post_info_list")
    
  end
  
  def post_info_destroy
    @post_info=PostInfo.find(params[:id])
    if @post_info.destroy
      flash[:notice]="删除成功！"
    else
      flash[:notice]="删除失败！"
    end
    redirect_to(:action=>"post_info_list")
  end
  
  def post_info_new
    @post_info=PostInfo.new
  end
  
  def post_info_create
    @post_info=PostInfo.create(params[:post_info])
    if @post_info.save
      flash[:notice]="保存成功！"
    else
      flash[:notice]="保存失败！"
    end
    redirect_to(:action=>"post_info_list")
    
  end

  def account_list
    @account_records=AccountRecord.find(:all,:conditions=>["account_id=?",(User.find(session[:user_id])).account.id])
  end
  
  def account_edit
    if account=User.find(session[:user_id]).account
      @account_num=account.account_num
    else
      @account_num=""
    end
  end
  
  def account_update
    if request.post?
    user=User.find(session[:user_id])
    if user.account.nil?
      acc=Account.new 
      acc.account_money=0      
    end
      acc.account_num=params[:account_num]
    begin 
      acc.save!
      user.account=acc
      user.save!
    rescue ActiveRecord::RecordNotSaved
      notice("绑定失败！")
      redirect_to(:action=>:account_edit)
    else
      notice("绑定成功！")
      redirect_to(:action=>:account_edit)
    end
    end
  end
  
  def to_add_money
    acc=Account.find_by_user_id(session[:user_id])
    unless acc.nil?
      @account_num=acc.account_num
    else
      redirect_to(:action=>:account_edit)
    end
  end
  
  def add_money
    if request.post?
      begin
      acc=User.find(session[:user_id]).account
      #acc.account_money+=Integer(params[:money])
      #acc.save!
      AccountManager.add_money({:account=>acc,:money=>params[:money]})
      rescue ActiveRecord::RecordNotSaved
        notice("充值失败！")
        redirect_to(:action=>:account_edit)
      else
        notice("充值成功！")
        redirect_to(:action=>:account_edit)
      end
    end
  end
  
  def new_order
    @cart=find_cart
  end
  
  def delete_from_cart
    if request.post?
      @cart=find_cart
       if @cart.delete_product_at(params[:id])
         flash[:notice]="该商品不存在！"
       end
       redirect_to(:action=>:new_order)      
    else
      redirect_to(:action=>:new_order)
    end  
  end
  
  def user_pay
    @cart=find_cart
    user=User.find(session[:user_id])
    shop=Shop.find(@cart.shop_id)
    order=Order.get_paid_order(:user=>user,:shop=>shop,:cart=>@cart)
    if OrderManager.paid_to_third(order)
      flash[:notice]="save successful!"
    else
      flash[:notice]="save fail!"
    end
    empty_cart
    redirect_to(:action=>:new_order)
  end
  
  def paid_to_seller
    order=Order.find(params[:id])
    if OrderManager.paid_to_seller(order)
      flash[:notice]="save successful!"
    else
      flash[:notice]="save fail!"
    end
    empty_cart
    redirect_to(:action=>:new_order)
  end
  
  def order_list
    @orders=Order.find(:all,:conditions=>["user_id=?",session[:user_id]])
  end
  
  def order_show
    @order = Order.find_by_id(params[:id])
    if !(@order&&@order.user_id==session[:user_id])
      flash[:notice]="你无权限查看该订单！"
      redirect_to(:action=>"consume_list")
    end
  end

  def user_info_index
    @user = User.find(session[:user_id])
  end
  
  def edit_user_info
    @user =User.find(params[:id])
  end
  
  def update_user_info
    @user = User.find(params[:id])
      if @user.update_attributes(params[:user])
        flash[:notice] = '用户信息修改成功！'
      else
        flash[:notice] = '用户信息修改失败！'
      end
      redirect_to(:action=>"user_info_index",:id=>session[:user_id])
  end
  
  def change_password
    @user=User.find(session[:user_id])
  end
  
  def update_user_password
    if request.post?
      @user=User.authenticate_by_id(session[:user_id], params[:password])
      @user.password=params[:new_password]  
      
      if @user.update_all
        flash[:notice]='密码修改成功！' 
      else
        flash[:notice]='密码修改失败！'      
      end
        redirect_to(:action=>"user_info_index",:id=>session[:user_id])
      end
  end
  
  private  
  def find_cart
      session[:cart] ||=Cart.new
  end
  
  def empty_cart
    session[:cart]=nil
  end
end
